No SSL support for IOCP reactor

[justinj]

I get the following errors when trying to start an HTTP service over SSL using
the IOCP reactor.  I'm running Windows 2000 and the latest Twisted from subversion.
C:\svn\RatControl>twistd -r iocp -f ratcontrol.tap
C:\svn\RatControl\nevow\rend.py:41: DeprecationWarning: renderer.Renderer has be
en deprecated. Use rend.Page instead.
  NotFound = FourOhFour(), ()
2004/04/09 14:33 Central Daylight Time [-] Log opened.
2004/04/09 14:33 Central Daylight Time [-] twistd 1.2.1alpha2 (C:\Python23\pytho
n.exe 2.3.3) starting up
2004/04/09 14:33 Central Daylight Time [-] reactor class: <class 'twisted.intern
et.iocpreactor.proactor.Proactor'>
2004/04/09 14:33 Central Daylight Time [-] Traceback (most recent call last):
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\scripts\twistd.py
", line 36, in ?
2004/04/09 14:33 Central Daylight Time [-]     run()
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\lib\site-packages
\twisted\scripts\twistw.py", line 61, in run
2004/04/09 14:33 Central Daylight Time [-]     app.run(runApp, ServerOptions)
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\lib\site-packages
\twisted\application\app.py", line 205, in run
2004/04/09 14:33 Central Daylight Time [-]     runApp(config)
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\lib\site-packages
\twisted\scripts\twistw.py", line 51, in runApp
2004/04/09 14:33 Central Daylight Time [-]     service.IService(application).pri
vilegedStartService()
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\lib\site-packages
\twisted\application\service.py", line 205, in privilegedStartService
2004/04/09 14:33 Central Daylight Time [-]     service.privilegedStartService()
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\lib\site-packages
\twisted\application\service.py", line 205, in privilegedStartService
2004/04/09 14:33 Central Daylight Time [-]     service.privilegedStartService()
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\lib\site-packages
\twisted\application\internet.py", line 57, in privilegedStartService
2004/04/09 14:33 Central Daylight Time [-]     self._port = self._getPort()
2004/04/09 14:33 Central Daylight Time [-]   File "C:\Python23\lib\site-packages
\twisted\application\internet.py", line 74, in _getPort
2004/04/09 14:33 Central Daylight Time [-]     return getattr(reactor, 'listen'+
self.method)(*self.args, **self.kwargs)
2004/04/09 14:33 Central Daylight Time [-] AttributeError: 'Proactor' object has
 no attribute 'listenSSL'

[PenguinOfDoom]

Not possible until Twisted has a SSL-as-Protocol implementation. exarkun was
working on one. I might look into it, but not in any forseeable time.

[justinj]

I'm reassigning this to me.  Let me know if you have a problem with that.

[zooko]

I would be happy if this bug were fixed.

[zooko]

Waitaminute, is this the same bug as mine? Mine looks like this:

14:04:30 DEBUG 'twisted' [-] Starting factory <foolscap.negotiate.TubConnectorClientFactory object [from jcakyusx] [to joxqfyja] at 0x01B84650>
14:04:31 DEBUG 'twisted' [twisted.internet.iocpreactor.proactor.Proactor] negotiation had internal error:
14:04:31 DEBUG 'twisted' [twisted.internet.iocpreactor.proactor.Proactor] [Failure instance: Traceback: exceptions.AttributeError: 'ClientSocket' object has no attribute 'startTLS'
--tw--c:\Python24\Lib\site-packages\twisted\python\context.py:37:callWithContext
--tw--c:\Python24\Lib\site-packages\twisted\internet\iocpreactor\ops.py:41:ovDone
--tw--c:\Python24\Lib\site-packages\twisted\internet\iocpreactor\util.py:17:helpful
--tw--c:\Python24\Lib\site-packages\twisted\internet\iocpreactor\abstract.py:159:handle_connected_readDone
--tw----- <exception caught here> ---
--tw--c:\Python24\Lib\site-packages\foolscap\negotiate.py:380:dataReceived
--tw--c:\Python24\Lib\site-packages\foolscap\negotiate.py:559:handlePLAINTEXTClient
--tw--c:\Python24\Lib\site-packages\foolscap\negotiate.py:571:startENCRYPTED
--tw--c:\Python24\Lib\site-packages\foolscap\negotiate.py:921:startTLS
--tw--]

[exarkun]

There's ISSLTransport and there's ITLSTransport. These are probably not the best interface names, but the former is for transports which are using SSLv2, SSLv3, or TLSv1 and the latter is for transports which support negotiating up to one of those mechanisms. A missing startTLS method indicates the transport does not provide ITLSTransport and could be unrelated to ISSLTransport/IReactorSSL. However, in practice, these two are pretty tightly related and most likely implementing one of them will also involve doing about 95% of the work to implement the other.

[Cortex]

I also find myself in position of need for IOCPReactor and SSL. As far as I can tell, the IOCPReactor is only choice for my development on Win32 platform and PollReactor? is the only one for Unix, due to a FD limits on SelectReactor?. I'm not so familiar with the procedures inside Twisted development team, I assume that since this ticket has 'Enhancement' status assigned, it is not a priority. Nevertheless, what are the chances that IOCP & SSL would be available in near future ? I've tried to make it work by myself, I achieved some results, there were some data coming in and no data coming out of the server with my 'implementation' of SSL-IOCP. I'm guessing that this failure of my attempt is mostly caused by massive structural differences between twisted.internet.tcp and twisted.internet.iocpreactor.tcp ... I just couldn't link objects inside twisted.internet.ssl with objects in twisted.internet.iocpreactor.tcp. Nevertheless I felt like making quite a progress considering I spent just two hours with this. I do not correctly understand the post above, about the TLS things with things when other things, so please, can anyone advise me on why is the tcp in IOCP so much different from the 'default' one ? Is there any chance that I can do this on my own and make such twisted.internet.iocpreactor.ssl which would work or are there rather serious reasons why not event attempt to do so ?